/* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 *  "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 * 
 * 
* THIS SOURCE IS DERIVED FROM THE WORK REFERENCED BELOW, THE SEE THE FOR 
* LICENSE AND COPYRIGHT INFORMATION FOR THE SOURCE WORK.
* 
* SAMPLE: Generates random password, which complies with the strong password
*      rules and does not contain ambiguous characters.
*
* To run this sample, create a new Visual C# project using the Console
* Application template and replace the contents of the Class1.cs file with
* the code below.
*
* THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND,
* EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED
* WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A PARTICULAR PURPOSE.
*
* Copyright (C) 2004 Obviex(TM). All rights reserved.
*/

package cesynch.crystal.synchronizer;

import java.security.SecureRandom;
import java.util.Random;

/**
 * <p>Randomly generated password.</p>
 * <p>The length of the generated password will be determined at
 *  random. It will be no shorter than the minimum default and
 * no longer than maximum default.
 * 
 * @author <a href="http://www.obviex.com/Samples/Password.aspx">http://www.obviex.com/Samples/Password.aspx</a>
 */
public class PasswordGenerator
{
    private static int DEFAULT_MIN_PASSWORD_LENGTH  = 8;
    private static int DEFAULT_MAX_PASSWORD_LENGTH  = 8;

    // Define supported password characters divided into groups.
    // You can add (or remove) characters to (from) these groups.
    private static final String PASSWORD_CHARS_LCASE  = "abcdefgijkmnopqrstwxyz";
    private static final String PASSWORD_CHARS_UCASE  = "ABCDEFGHJKLMNPQRSTWXYZ";
    private static final String PASSWORD_CHARS_NUMERIC= "23456789";
    private static final String PASSWORD_CHARS_SPECIAL= "@#$";

    // Use a 4-byte array to fill it with random bytes and convert it then
    // to an integer value.
    private static byte[] randomBytes = new byte[4];
    // Convert 4 bytes into a 32-bit integer value.
    private static int seed;

    // Now, this is real randomization.
    private static Random  random  = new Random(seed);
    private static boolean isInit;

    private static void init() throws Exception
    {
        if (!isInit)
        {
            // Generate 4 random bytes.
            SecureRandom.getInstance("SHA1PRNG").nextBytes(randomBytes);
            seed = (randomBytes[0] & 0x7f) << 24 |
                    randomBytes[1]         << 16 |
                    randomBytes[2]         <<  8 |
            randomBytes[3];
            isInit = true;
        }
    }
    /**
     * 
     * @return
     */
    public static String generate() throws Exception
    {
        return generate(DEFAULT_MIN_PASSWORD_LENGTH,  DEFAULT_MAX_PASSWORD_LENGTH);
    }

    /// <summary>
    /// Generates a random password of the exact length.
    /// </summary>
    /// <param name="length">
    /// Exact password length.
    /// </param>
    /// <returns>
    /// Randomly generated password.
    /// </returns>
    public static String generate(int length) throws Exception
    {
        return generate(length, length);
    }

    /// <summary>
    /// Generates a random password.
    /// </summary>
    /// <param name="minLength">
    /// Minimum password length.
    /// </param>
    /// <param name="maxLength">
    /// Maximum password length.
    /// </param>
    /// <returns>
    /// Randomly generated password.
    /// </returns>
    /// <remarks>
    /// The length of the generated password will be determined at
    /// random and it will fall with the range determined by the
    /// function parameters.
    /// </remarks>
    public static String generate(int   minLength, int   maxLength) throws Exception
    {
        PasswordGenerator.init();
        
        // Make sure that input parameters are valid.
        if (minLength <= 0 || maxLength <= 0 || minLength > maxLength)
            return null;

        // Create a local array containing supported password characters
        // grouped by types. You can remove character groups from this
        // array, but doing so will weaken the password strength.
        char[][] charGroups = new char[][] 
        {
            PASSWORD_CHARS_LCASE.toCharArray(),
            PASSWORD_CHARS_UCASE.toCharArray(),
            PASSWORD_CHARS_NUMERIC.toCharArray(),
            PASSWORD_CHARS_SPECIAL.toCharArray()
        };

        // Use this array to track the number of unused characters in each
        // character group.
        int[] charsLeftInGroup = new int[charGroups.length];

        // Initially, all characters in each group are not used.
        for (int i = 0; i < charsLeftInGroup.length; i++)
            charsLeftInGroup[i] = charGroups[i].length;
        
        // Use this array to track (iterate through) unused character groups.
        int[] leftGroupsOrder = new int[charGroups.length];

        // Initially, all character groups are not used.
        for (int i=0; i<leftGroupsOrder.length; i++)
            leftGroupsOrder[i] = i;

        // Because we cannot use the default randomizer, which is based on the
        // current time (it will produce the same "random" number within a
        // second), we will use a random number generator to seed the
        // randomizer.
        
        // This array will hold password characters.
        char[] password = null;

        // Allocate appropriate memory for the password.
        if (minLength < maxLength)
            password = new char[random.nextInt(maxLength - minLength) + minLength];
        else
            password = new char[minLength];

        // Index of the next character to be added to password.
        int nextCharIdx;
        
        // Index of the next character group to be processed.
        int nextGroupIdx;

        // Index which will be used to track not processed character groups.
        int nextLeftGroupsOrderIdx;
        
        // Index of the last non-processed character in a group.
        int lastCharIdx;

        // Index of the last non-processed group.
        int lastLeftGroupsOrderIdx = leftGroupsOrder.length - 1;
        
        // Generate password characters one at a time.
        for (int i=0; i<password.length; i++)
        {
            // If only one character group remained unprocessed, process it;
            // otherwise, pick a random character group from the unprocessed
            // group list. To allow a special character to appear in the
            // first position, increment the second parameter of the Next
            // function call by one, i.e. lastLeftGroupsOrderIdx + 1.
            if (lastLeftGroupsOrderIdx == 0)
                nextLeftGroupsOrderIdx = 0;
            else
                nextLeftGroupsOrderIdx = random.nextInt(lastLeftGroupsOrderIdx);

            // Get the actual index of the character group, from which we will
            // pick the next character.
            nextGroupIdx = leftGroupsOrder[nextLeftGroupsOrderIdx];

            // Get the index of the last unprocessed characters in this group.
            lastCharIdx = charsLeftInGroup[nextGroupIdx] - 1;
            
            // If only one unprocessed character is left, pick it; otherwise,
            // get a random character from the unused character list.
            if (lastCharIdx == 0)
                nextCharIdx = 0;
            else
                nextCharIdx = random.nextInt(lastCharIdx+1);

            // Add this character to the password.
            password[i] = charGroups[nextGroupIdx][nextCharIdx];
            
            // If we processed the last character in this group, start over.
            if (lastCharIdx == 0)
                charsLeftInGroup[nextGroupIdx] = charGroups[nextGroupIdx].length;
            // There are more unprocessed characters left.
            else
            {
                // Swap processed character with the last unprocessed character
                // so that we don't pick it until we process all characters in
                // this group.
                if (lastCharIdx != nextCharIdx)
                {
                    char temp = charGroups[nextGroupIdx][lastCharIdx];
                    charGroups[nextGroupIdx][lastCharIdx] = 
                                charGroups[nextGroupIdx][nextCharIdx];
                    charGroups[nextGroupIdx][nextCharIdx] = temp;
                }
                // Decrement the number of unprocessed characters in
                // this group.
                charsLeftInGroup[nextGroupIdx]--;
            }

            // If we processed the last group, start all over.
            if (lastLeftGroupsOrderIdx == 0)
                lastLeftGroupsOrderIdx = leftGroupsOrder.length - 1;
            // There are more unprocessed groups left.
            else
            {
                // Swap processed group with the last unprocessed group
                // so that we don't pick it until we process all groups.
                if (lastLeftGroupsOrderIdx != nextLeftGroupsOrderIdx)
                {
                    int temp = leftGroupsOrder[lastLeftGroupsOrderIdx];
                    leftGroupsOrder[lastLeftGroupsOrderIdx] = 
                                leftGroupsOrder[nextLeftGroupsOrderIdx];
                    leftGroupsOrder[nextLeftGroupsOrderIdx] = temp;
                }
                // Decrement the number of unprocessed groups.
                lastLeftGroupsOrderIdx--;
            }
        }

        // Convert password characters into a string and return the result.
        return new String(password);
     }
    
    public static void main(String[] args) throws Exception
    {
        for (int i = 0; i < 1000; i++)
        {
            System.out.println(PasswordGenerator.generate());
        }
    }
}
